- From: Lucas Pardue <lucaspardue.24.7@gmail.com>
- Date: Fri, 24 May 2019 15:34:23 +0100
- To: HTTP Working Group <ietf-http-wg@w3.org>
- Message-ID: <CALGR9oZAsMVsr6KoPtka7D97S5fj28dkH1aQHcgUvCY5q72iHw@mail.gmail.com>
Hello HTTP WG, Roberto and I have been doing some work on updating RFC 3230 (HTTP Instance Digests) and we recently published the 00 draft, please see attached announcement. In short, this is intended to be a simple update that removes what we perceive as unnecessary prose, tidies up old terminology and provides some examples of edge cases that crop up. We are seeking feedback from the group on the document itself and to gauge interest in taking this work forward. We have collected a number of questions into the document FAQ [1]. Please direct questions, comments or suggestions to this thread or our Github repo [2]. We think this work is relevant to HTTPbis, and our intent is to seek adoption of the update by taking it to the list. But we value your input at this early leg of our journey. *Further Background* Put simply, a "Digest" header can carry a checksum that can be used for some (but not all) integrity checks. This is relevant to a number of HTTP use cases, especially when combined with other features such as transport security or metadata integrity. More recently, it has seen usage in Signed Exchanges (SXG) [3] in tandem with Merkle Integrity Content Encoding (MICE) [3]. However, RFC 3230 sits in an awkward place in the HTTP timeline. It defined some language, like "instance", that was required to articulate the concept at the time but has since been overtaken by the term "representation" introduced in the RFC 723x series. Trying to implement or reference RFC 3230 is confusing and painful. Things like MICE spend some time and effort clarifying ambiguities and it is not alone. We think addressing these problem in one place will make it easier for others to do the right thing with digests. Kind regards Lucas [1] https://github.com/ioggstream/draft-polli-resource-digests-http [2] https://tools.ietf.org/html/draft-polli-resource-digests-http-00#appendix-C <https://ioggstream.github.io/draft-polli-resource-digests-http/draft-polli-resource-digests-http.html#faq> [3] https://tools.ietf.org/html/draft-yasskin-http-origin-signed/ [4] https://datatracker.ietf.org/doc/draft-thomson-http-mice/ ---------- Forwarded message --------- From: <internet-drafts@ietf.org> Date: Thu, May 23, 2019 at 1:19 PM Subject: New Version Notification for draft-polli-resource-digests-http-00.txt To: Roberto Polli <robipolli@gmail.com>, Lucas Pardue < lucaspardue.24.7@gmail.com> A new version of I-D, draft-polli-resource-digests-http-00.txt has been successfully submitted by Roberto Polli and posted to the IETF repository. Name: draft-polli-resource-digests-http Revision: 00 Title: Resource Digests for HTTP Document date: 2019-05-23 Group: Individual Submission Pages: 22 URL: https://www.ietf.org/internet-drafts/draft-polli-resource-digests-http-00.txt Status: https://datatracker.ietf.org/doc/draft-polli-resource-digests-http/ Htmlized: https://tools.ietf.org/html/draft-polli-resource-digests-http-00 Htmlized: https://datatracker.ietf.org/doc/html/draft-polli-resource-digests-http Abstract: This document defines the Digest and Want-Digest header fields for HTTP, thus allowing client and server to negotiate an integrity checksum of the exchanged resource representation data. This document obsoletes [RFC3230]. It replaces the term "instance" with "representation", which makes it consistent with the HTTP Semantic and Context defined in [RFC7231]. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat
Received on Friday, 24 May 2019 14:34:57 UTC